This repository contains the development of a driver for Cryptographic Accelerators, in virtual environments (QEMU).
The project is devided into three sections:
-
Implementation of a simple unencrypted chat between two peers using BSD sockets.
-
Implementation of a simple encrypted chat between two peers using BSD sockets and cryptodev module.
-
Implementation of a paravirtualized driver in the Linux kernel for virtual environments (frontend) and of virtual Cryptographic hardware in Qemu-3.0.0 (backend). Combined they can support the access of Cryptographic Accelerators from Virtual environments in QEMU.
Compile with:
$ makeand run the server with:
$ ./serverOR
$ ./crypto-serverIn a different terminal run the client.
$ ./client 127.0.0.1 35001OR
$ ./crypto-client 127.0.0.1 35001In both situations testing the traffic can be done with:
$ sudo tcpdump -A -i lo tcp -nnn -XXX -vvvIn the encrypted chat the original data sent shouldn't be understood.
(The host machine should have the cryptodev module loaded!)
-
Clone or download the repository.
-
Download Qemu-3.0.0 source code.
-
Apply the patch running inside the Qemu-3.0.0/ directory
$ patch -p1 < <path to qemu-3.0.0_helpcode.patch>/qemu-3.0.0_helpcode.patch-
Replace the source code of Qemu-3.0.0 in the associated files, with the code given in this repository under backend/ directory.
-
Boot the VM
(some changes in the boot up script of qemu should be implemented: -device virtio-cryptodev-pci flag should be added in order to add this pci device in qemu) -
Inside the VM, compile the frontend driver and add the module into the kernel running
$ chmod +x initCrypto.sh
$ ./initCrypto.shThis will also add 32 Nodes,named cryptodevX ( X = [0,32] ), under the /dev directory that could be used for accessing the hardware.
You can test the driver running a simple encryption-decryption test with
$ ./test_cryptoOR (for forked processes accessing the driver)
$ ./test_fork_cryptoOR with the encrypted-chat.